Maryam Zahid, Atif Mashkoor, Zahid Mehmood,
"Security Risk Mitigation of Cyber Physical Systems: A Case Study of a Flight Simulator"
, in Gabriele Anderst-Kotsis, A Min Tjoa, Ismail Khalil, Mourad Elloumi , Atif Mashkoor, Johannes Sametinger, Xabier Larri´ucea, Anna Fensel, Jorge Martinez Gil, B. Moser, C. Seifert, M. Ganitzer: Database and Expert Systems Applications - DEXA 2019 International Workshops BIOKDD, IWCFS, MLKgraphs and TIR, Linz, Austria, August 26-29, 2019, Proceedings, Serie Communications in Computer and Information Science, Vol. 1062, Springer, Seite(n) 129-138, 2019
Security Risk Mitigation of Cyber Physical Systems: A Case Study of a Flight Simulator
Sprache des Titels:
Database and Expert Systems Applications - DEXA 2019 International Workshops BIOKDD, IWCFS, MLKgraphs and TIR, Linz, Austria, August 26-29, 2019, Proceedings
Avionics has seen a greatest shift in technology over the last two decades. The severity of the consequences resulting from a lack of risk management in avionics can be seen from recent incidents of unmanned aerial vehicles being hacked or in the hacking of vendor-controlled systems installed in commercial aircrafts. Over a million incidents related to security breaches at cyber layer have been recorded over the last decade, among which 350,000 cyber-attacks alone have taken place in the year 2018. Unfortunately, only a limited set of studies have been conducted on security risk management, particularly specific to avionics. In this article, we aim to identify, analyze and mitigate the security risks of 6 Degree of Freedom Flight Simulator. As a result, we identify 8 risks of level 3?4 as per the IEC 61508 standard. Further analysis of the identified risks yields in another 34 risks. We then mitigate the severity of the identified risks from level 4 to level 2 as per the IEC 61508 standard. The cryptosystem used for risk mitigation performed relatively faster as compared to some of the most recently proposed encryption schemes.
Sprache der Kurzfassung:
Communications in Computer and Information Science